Although Spring Security may have some dependencies on the Spring Framework, the inclusion of those libraries should not affect the rest of your application if you do not intend to use Spring for Dependency Injection, etc. In fact, the only trouble would be if you did use Spring and had some requirement for an older version that Spring Security doesn't support.
Spring Security is implemented through a HTTP filter so it runs outside of your S2 application and wraps the requests. You can make static calls to SecurityContext inside your struts actions to find out information about the currently logged in user. Often, people will wrap these types of calls in a facade to insulate their application from any Spring-type imports/dependencies in case they wanted to change security providers in the future. -D aum strut wrote: > > Hi All, > > my main point was also this we were about to choose Spring Security but as > we are not going to use Spring in our application so we were just a bit > confused (:) ) if we can use this frame work even without using Spring?? > > hope to get some light over this. > > On Sun, Jun 21, 2009 at 12:37 PM, dusty <dustin_pea...@yahoo.com> wrote: > >> >> We have used Spring Security in the last 10 struts2 apps. We have some >> that >> use a local user store in the database, others that use LDAP to AD and >> some >> that use Atlassian's Crowd. >> >> Spring Security is very easy to add to your app and gives just about >> everything you need.... I have not ventured into some of the more >> advanced >> ACL features for securing individual objects, but it is also fairly >> straight >> forward to provide method level security. >> >> A good example of Spring Security implemented on top of Struts2 is the >> appfuse framework. http://appfuse.org. >> >> >> >> >> aum strut wrote: >> > >> > Hi All, >> > >> > We are on the way to develop a new application using struts2. Currently >> we >> > are analysing the area of authentication and authorization, we do have >> > some >> > options of using the following frame work for these >> > >> > 1) Acegi >> > 2)JAAS >> > >> > my point is that we any one in the list is using any of the security >> frame >> > work.please let me know about there experiences, so that it will help >> us >> > in >> > choosing the right security model. >> > >> > regarding the pltfrom we have decided to use is as follows >> > >> > 1) Struts2 >> > 2) JSP/Velocity >> > 3) Hibernate >> > 4) YUI >> > >> > these are the core building block rest technologies and frame work can >> be >> > choosen as required >> > >> > looking forward for your valuable suggestions. >> > >> > thannks in advance >> > aum >> > >> > >> >> -- >> View this message in context: >> http://www.nabble.com/Struts2-and-Security-tp24106660p24132071.html >> Sent from the Struts - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: user-unsubscr...@struts.apache.org >> For additional commands, e-mail: user-h...@struts.apache.org >> >> > > -- View this message in context: http://www.nabble.com/Struts2-and-Security-tp24106660p24141796.html Sent from the Struts - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: user-unsubscr...@struts.apache.org For additional commands, e-mail: user-h...@struts.apache.org
